Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ax9s4snvPFcb-7YWhGHsdsl720E.roa
File: ax9s4snvPFcb-7YWhGHsdsl720E.roa (raw, json)
Hash identifier: 7XrH/ufTosBmNMVKYZ3dpLtObvF3qGWiw5tujwCCOhg=
Subject key identifier: 6B:1F:6C:E2:C9:EF:3C:57:1B:FB:B6:16:84:61:EC:76:C9:7B:DB:41
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C0CA6698173D2C9DDA05A08E40C7152CA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ax9s4snvPFcb-7YWhGHsdsl720E.roa
Signing time: Sun 26 Nov 2023 17:21:21 +0000
ROA not before: Sun 26 Nov 2023 17:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62816
IP address blocks: 185.227.146.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0c:a6:69:81:73:d2:c9:dd:a0:5a:08:e4:0c:71:52:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 26 17:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b1f6ce2c9ef3c571bfbb6168461ec76c97bdb41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:55:80:fa:f2:05:6b:e6:6b:41:0e:81:62:82:
6e:27:cd:8b:f2:b7:8a:13:bd:f1:45:87:b5:8d:cf:
a4:7e:04:6c:59:03:25:c5:1a:52:ee:3c:15:3c:95:
01:9d:47:73:b1:2e:44:20:e9:f5:03:bb:85:17:84:
0a:ce:ae:7f:4a:7b:69:06:8f:71:f0:2e:5f:16:0b:
27:95:4e:ad:4a:ed:d1:9b:e8:4e:7f:27:db:dd:79:
aa:d4:dd:2f:3e:2c:dd:b5:c6:a7:0c:cf:d4:ad:4c:
47:21:fa:e7:a8:96:41:75:94:48:9e:e1:28:62:2f:
78:08:5b:19:c5:f3:77:04:93:cc:55:27:0d:0c:d9:
23:49:0e:6f:ca:f1:e5:10:8e:8f:ea:ff:0b:fc:46:
5e:70:56:b1:33:ad:5c:a4:1b:7c:96:09:32:62:4e:
84:7d:62:e8:2b:40:08:21:d6:ae:76:15:d7:6e:51:
c4:52:43:93:30:39:0b:08:29:2f:be:5d:5c:fb:a2:
83:4d:fe:43:ef:9c:54:4d:99:cb:ba:07:b6:07:92:
f8:ec:87:36:d1:62:b4:dc:c2:a0:be:d6:97:d6:99:
3c:05:50:5e:b5:04:4b:20:b7:66:8c:d2:e3:cc:36:
32:c9:f6:16:87:14:fc:27:98:c9:d8:5d:0a:3e:91:
84:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1F:6C:E2:C9:EF:3C:57:1B:FB:B6:16:84:61:EC:76:C9:7B:DB:41
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ax9s4snvPFcb-7YWhGHsdsl720E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.204.0/24
185.227.146.0/24
Signature Algorithm: sha256WithRSAEncryption
06:7f:bb:73:e6:4a:49:3f:f6:fc:eb:10:67:00:45:2c:47:07:
f3:e1:cc:78:77:f5:fc:35:2d:09:b7:3f:bf:ac:bf:14:f1:d4:
15:bf:d8:0b:8f:09:a7:64:0e:9e:1e:50:30:ae:24:35:d6:39:
b0:39:9a:ec:ca:37:a7:6c:1f:a4:63:60:3f:88:91:02:61:45:
01:02:85:92:9c:7e:ca:a7:e8:ea:22:48:77:d7:75:61:ca:ce:
64:b9:44:53:38:30:18:f0:1a:fb:a3:86:01:15:ae:63:84:96:
b1:eb:df:b3:68:d0:01:70:7c:13:8c:af:39:e8:2d:c7:25:cc:
77:38:2b:75:6a:f4:b0:ba:25:15:79:f9:3f:60:df:3f:8e:96:
ad:94:2e:70:97:f4:45:cd:0e:1c:66:ed:7b:75:18:29:cb:f3:
a0:91:fb:7c:9c:3d:98:64:b4:a3:f5:7c:55:ab:9a:de:90:8f:
fc:ce:99:67:36:97:26:b3:b1:83:64:37:44:92:3e:5a:bd:60:
78:51:43:7d:3f:f5:bf:ee:31:22:08:33:d9:47:f5:87:41:f2:
69:4e:03:34:33:90:80:5d:7c:bc:b0:9e:1e:53:da:e1:33:56:
77:92:f6:2f:cf:52:eb:63:d6:75:9e:32:2f:83:30:69:8e:76:
75:a1:6e:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwMpmmBc9LJ3aBaCOQMcVLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTI2MTcyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjFmNmNlMmM5ZWYzYzU3MWJmYmI2MTY4NDYxZWM3NmM5N2JkYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVWA+vIFa+ZrQQ6BYoJuJ82L8reK
E73xRYe1jc+kfgRsWQMlxRpS7jwVPJUBnUdzsS5EIOn1A7uFF4QKzq5/SntpBo9x
8C5fFgsnlU6tSu3Rm+hOfyfb3Xmq1N0vPizdtcanDM/UrUxHIfrnqJZBdZRInuEo
Yi94CFsZxfN3BJPMVScNDNkjSQ5vyvHlEI6P6v8L/EZecFaxM61cpBt8lgkyYk6E
fWLoK0AIIdaudhXXblHEUkOTMDkLCCkvvl1c+6KDTf5D75xUTZnLuge2B5L47Ic2
0WK03MKgvtaX1pk8BVBetQRLILdmjNLjzDYyyfYWhxT8J5jJ2F0KPpGEPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGsfbOLJ7zxXG/u2FoRh7HbJe9tBMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYXg5czRzbnZQRmNiLTdZV2hHSHNkc2w3MjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWzMAwQA
ueOSMA0GCSqGSIb3DQEBCwUAA4IBAQAGf7tz5kpJP/b86xBnAEUsRwfz4cx4d/X8
NS0Jtz+/rL8U8dQVv9gLjwmnZA6eHlAwriQ11jmwOZrsyjenbB+kY2A/iJECYUUB
AoWSnH7Kp+jqIkh313Vhys5kuURTODAY8Br7o4YBFa5jhJax69+zaNABcHwTjK85
6C3HJcx3OCt1avSwuiUVefk/YN8/jpatlC5wl/RFzQ4cZu17dRgpy/Ogkft8nD2Y
ZLSj9XxVq5rekI/8zplnNpcms7GDZDdEkj5avWB4UUN9P/W/7jEiCDPZR/WHQfJp
TgM0M5CAXXy8sJ4eU9rhM1Z3kvYvz1LrY9Z1njIvgzBpjnZ1oW5L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org